MISP
/
misp-modules
mirror of https://github.com/MISP/misp-modules
2
0
Fork 0
Code Issues Releases Wiki Activity

updated README.md file for expansion module.

pull/615/head
Usama015 2023-06-14 11:34:31 +05:00
parent 56088a1745
commit 41115f5519
2 changed files with 60 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

30
documentation/README.md
View File

@ -1847,6 +1847,36 @@ Module to query a local instance of uwhois (https://github.com/rafiot/uwhoisd).
----- -----
#### [whoisfreaks](https://github.com/MISP/misp-modules/tree/main/misp_modules/modules/expansion/whoisfreaks.py)
<img src=logos/whoisfreaks.png height=60>
An expansion module for https://whoisfreaks.com/ that will provide an enriched analysis of the provided domain, including WHOIS and DNS information
- **features**:
>The module takes a domain as input and queries the Whoisfreaks API with it.
>
>Some parsing operations are then processed on the result of the query to extract as much information as possible.
>
>After this we map the extracted data to MISP attributes.
- **input**:
>A domain whose Data is required
- **output**:
>MISP attributes resulting from the query on Whoisfreaks API, included in the following list:
>- domain
>- dns-soa-email
>- whois-registrant-email
>- whois-registrant-phone
>- whois-registrant-name
>- whois-registrar
>- whois-creation-date
>- domain
- **references**:
>https://whoisfreaks.com/
- **requirements**:
>An access to the Whoisfreaks API_KEY
-----
#### [wiki](https://github.com/MISP/misp-modules/tree/main/misp_modules/modules/expansion/wiki.py) #### [wiki](https://github.com/MISP/misp-modules/tree/main/misp_modules/modules/expansion/wiki.py)
<img src=logos/wikidata.png height=60> <img src=logos/wikidata.png height=60>

30
documentation/mkdocs/expansion.md
View File

@ -1844,6 +1844,36 @@ Module to query a local instance of uwhois (https://github.com/rafiot/uwhoisd).
----- -----
#### [whoisfreaks](https://github.com/MISP/misp-modules/tree/main/misp_modules/modules/expansion/whoisfreaks.py)
<img src=../logos/whoisfreaks.png height=60>
An expansion module for https://whoisfreaks.com/ that will provide an enriched analysis of the provided domain, including WHOIS and DNS information
- **features**:
>The module takes a domain as input and queries the Whoisfreaks API with it.
>
>Some parsing operations are then processed on the result of the query to extract as much information as possible.
>
>After this we map the extracted data to MISP attributes.
- **input**:
>A domain whose Data is required
- **output**:
>MISP attributes resulting from the query on Whoisfreaks API, included in the following list:
>- domain
>- dns-soa-email
>- whois-registrant-email
>- whois-registrant-phone
>- whois-registrant-name
>- whois-registrar
>- whois-creation-date
>- domain
- **references**:
>https://whoisfreaks.com/
- **requirements**:
>An access to the Whoisfreaks API_KEY
-----
#### [wiki](https://github.com/MISP/misp-modules/tree/main/misp_modules/modules/expansion/wiki.py) #### [wiki](https://github.com/MISP/misp-modules/tree/main/misp_modules/modules/expansion/wiki.py)
<img src=../logos/wikidata.png height=60> <img src=../logos/wikidata.png height=60>